Terms and Conditions
- Purpose and Scope
- Legal and Regulatory Basis
- Definitions
- Account Opening and KYC (Students and Parents/Guardians)
- Funds, Escrow Arrangement and Safeguarding
- Transaction Types, Limits and Controls
- Fees and Disclosure
- AML/CFT & Fraud Management
- Data Protection, Privacy and Children’s Data
- Integration with Telecom/Mobile Money & Processor
- Disputes, Refunds and Customer Support
- Operational Resilience, Availability & SLAs
- Audit, Compliance and Regulatory Reporting
- Liability, Indemnities and Insurance
- Changes to Rules and Notice
- Termination and Winding Down
- References
Purpose and Scope
These Payment System Rules (“Rules”) govern the operation, access, use, and oversight of the Omni Student Card — a digital pocket-money service that enables parents/guardians to load funds onto student accounts managed on the platform (each student allocated a unique Student Number).
The Rules apply to Omni Student Card (the “Platform”), the partner bank holding the escrow/trust accounts (“Bank”), the transaction processing fintech (the “Processor”), participating schools, parents/guardians, students, merchants and any third-party agents involved in onboarding, transaction processing, or reconciliation.
Legal and Regulatory Basis
- These Rules are made to ensure compliance with applicable Ugandan laws and regulatory requirements, including but not limited to:
- The National Payment Systems Act, Cap. 59 and related regulations governing payment systems, e-money issuance, and licensing of payment service providers.
- The Data Protection and Privacy Act, 2019 regarding the lawful collection and processing of personal data (including children’s data).
- Bank of Uganda guidance, Mobile Money and e-money related regulations and any applicable Financial Institutions Act and AML/CFT requirements administered by the Financial Intelligence Authority (FIA).
Definitions
| Term | Definition |
|---|---|
|
Account |
A virtual account assigned to a Student Number on the Platform where value (funds) is maintained.
|
|
Student Number
|
Unique identifier assigned to each student on the Platform.
|
|
Parent/Guardian |
Legal guardian who provides consent, loads funds, and controls certain permissions for a student account.
|
|
Escrow/Trust Account |
Bank account(s) held with the Bank where customer funds backing e-money are held in accordance with applicable regulations. |
|
Processor |
Third-party fintech responsible for transaction routing between telecom/mobile money networks and the Bank. |
Account Opening and KYC (Students and Parents/Guardians)
Eligibility & Consent
Students under 18 years cannot independently hold accounts without verifiable parental/ guardian consent. The Platform will collect documented parental/ guardian consent during account creation.
Student Numbers will be activated upon the parent’s first top-up through a prompt message indicating their Student Number. By topping up the Student Number, the custodian will provide consent for enrollment onto the Omni Student Card. The Payment System Rules and Product Terms & Conditions will be linked to the message as well.
Customer Due Diligence (CDD) and KYC
The Platform and Bank must perform KYC on parents/guardians consistent with Bank of Uganda and FIA AML/CFT guidance. Minimum KYC information will include full name, national ID or passport (where available), date of birth, contact details, and relationship to the student.
For students, the Platform will collect minimal identifying information (Student Number, name, school, class and parent/guardian names and phone numbers) and where processing of special personal data is required (e.g., birth certificate/NIN), consent and lawful basis will be recorded.
Verification & Recordkeeping
The Bank and Platform will retain KYC records, transaction logs, and consent records for a period required by law and regulatory guidance and will make them available for audits and regulatory requests.
Funds, Escrow Arrangement and Safeguarding
Segregation of Customer Funds
All funds held for student Accounts will be segregated from the Platform’s operational funds and maintained in an escrow/trust account with the Bank or in liquid assets as required by the National Payment Systems Act and related regulations. The Platform must not commingle customer funds with its own funds.
100% Backing & Liquidity
Where the Platform issues any electronic money or virtual value tokens, such float must be backed in accordance with the National Payment Systems Act (e.g., held in a trust/special account and/or liquid assets consistent with the law and Bank of Uganda requirements).
Reconciliation & Reporting
Daily reconciliation processes must be implemented between the Platform ledger, Processor settlement reports, telecom/mobile money collections, and the Bank’s escrow account. Any discrepancies will be investigated and resolved within defined SLA (see Section 12).
Interest
Interest earned on customer float/escrow balances will be handled in accordance with the escrow agreement with the Bank and relevant law; policies will define whether interest accrues to customers, the Platform, or the Bank and how it is disclosed.
Transaction Types, Limits and Controls
Allowed Transactions
Parent/Guardian to Student transfers (top-ups).
Student purchases at participating school canteens and approved merchants (QR, POS, or tokenized payments).
Withdrawals or transfers back to parent/guardian mobile money or bank accounts only where allowed and subject to limits and compliance checks.
Transaction Limits
The Platform will implement per-transaction and daily/monthly limits for student accounts tailored to safeguard minors and comply with AML/CFT thresholds. Higher-value actions (e.g., refunds, withdrawals) require elevated verification and parental authorization.
Authorization & PINs
Secure authentication mechanisms through device-based with fingerprint will be used to authorise student transactions where applicable. Students will be able to set and change PINs or approval preferences.
Fees and Disclosure
All fees (top-up, transaction, inactivity, withdrawal) will be disclosed clearly to parents/guardians at onboarding, on the Platform, and in periodic statements.
Any price changes require prior notice in line with consumer protection regulations and agreement terms.
AML/CFT & Fraud Management
The Platform, Bank and Processor will implement AML/CFT controls consistent with the Financial Institutions Act, FIA guidance and Bank of Uganda requirements. This includes transaction monitoring, suspicious activity reporting (SARs), customer risk profiling, and record-keeping.
Enhanced due diligence (EDD) procedures will apply for unusual transaction activity or where risk indicators are present. The Platform will cooperate with law enforcement and FIA in investigations and SAR filings.
Data Protection, Privacy and Children’s Data
Personal data collection and processing will comply with the Data Protection and Privacy Act Cap. 97. Prior informed consent of the parent/guardian is required for processing the child’s personal data.
The Platform will implement data minimization, purpose limitation, storage limitation, and ensure secure processing. A Data Protection Officer (DPO) will be designated to handle data subject requests, breaches and DPIAs where required.
Any and all data that is being collected will be used for product improvement and transaction processing. Any deviation from this will be brought to the attention of the customers.
Any third-party sharing of personal data (e.g., Processor, school, analytics providers) will be governed by Data Processing Agreements that include minimum security, confidentiality and breach notification terms.
Integration with Telecom/Mobile Money & Processor
The Processor will handle settlement instructions between telecom/mobile money networks, the Bank and the Platform. Integration will use secure APIs and adhere to telecoms, mobile network operator (MNO) and Bank technical and security requirements.
Reconciliation files, settlement batching, cut-off times, and exception handling procedures must be defined in technical annexes and SLAs.
No exclusivity terms will be imposed that contravene competition or NPS regulations (where applicable).
Disputes, Refunds and Customer Support
Complaints and disputes will be logged, acknowledged, and resolved per the Platform’s complaints handling policy within defined timelines. Where necessary, disputes may be escalated to the Bank or the Bank of Uganda or other regulators.
Refund mechanics for erroneous or duplicate transactions will be defined, with timelines for processing and reporting.
Complaints will be promptly made to the Xazu Customer Care and WhatsApp Number +256 780 358 709 or via email to [email protected]
Operational Resilience, Availability & SLAs
The Platform and Processor will maintain agreed availability targets and business continuity plans. Incidents impacting funds or system integrity must be reported immediately to the Bank and appropriate regulators as required.
Daily reconciliations, periodic independent audits, penetration testing and security assessments will be scheduled and results disclosed to the Bank as required.
Audit, Compliance and Regulatory Reporting
The Platform will maintain full books, transaction logs, audit trails, reconciliation records and make them available for internal, external and regulatory audits.
Regulatory reporting requirements (including reports to Bank of Uganda and FIA) will be met in full and on time as prescribed by law and the escrow agreement.
Liability, Indemnities and Insurance
Liability allocation between the Platform, Processor and Bank will be set out in the commercial agreements. The Platform will maintain suitable professional indemnity and cyber insurance coverage to protect customers and counterparties against losses where appropriate.
Changes to Rules and Notice
These Rules may be amended from time to time. Material changes affecting customer rights or fees will be communicated to parents/guardians with the statutory notice period and in accordance with consumer protection regulations.
Termination and Winding Down
On termination of the Platform or cessation of services, a wind-down plan will be executed to ensure prompt return or transfer of customer funds, with priority to customer funds held in escrow/trust accounts. Notification will be provided to Bank of Uganda and other relevant regulators as required
References
- Financial Institutions Act, Cap. 57
- National Payment Systems Act, Cap. 59
- Data Protection and Privacy Act, Cap. 97
- Anti Money Laundering Act, Cap.118
- BoU National Payment Systems Regulations 2021
